ROCK Pi 4: Software RAID & encrypted LVM

I want to use my ROCK Pi 4, among other things, for a web server, a mail server and a cloud storage, so reliability is quite important. In the setup I use up until now I only have a backup, so if the SSD with my root file system would fail all these services would be down – and I would be really stressed out – for several hours (until I manage to get home, install Debian and restore the system). That’s why I decided to make use of data mirroring (RAID 1) for my new home server.

I also want to strengthen security, so I encrypt all partitions (dm-crypt) except my boot partition. And since I’m not entirely convinced of my chosen partitioning scheme I make use of the Logical Volume Manager to be able to manage my partitions more flexible.

Here I wrote down how I managed to encrypt all partitions (except my boot partition), mirror my whole file system (including the boot partition) and ensure that my boot loader U-Boot can read the files necessary to boot the system.

Continue reading „ROCK Pi 4: Software RAID & encrypted LVM“